package com.shuda.business.auth.controller;

import com.shuda.business.auth.service.AuthService;
import com.shuda.common.dto.LoginDTO;
import com.shuda.common.dto.UserDTO;
import com.shuda.common.result.Result;
import com.shuda.common.vo.LoginVO;
import com.shuda.common.vo.UserVO;
import io.swagger.v3.oas.annotations.Operation;
import io.swagger.v3.oas.annotations.Parameter;
import io.swagger.v3.oas.annotations.tags.Tag;
import lombok.RequiredArgsConstructor;
import org.springframework.security.access.prepost.PreAuthorize;
import org.springframework.web.bind.annotation.*;

/**
 * 用户认证控制器
 */
@RestController
@RequestMapping("/api/auth")
@RequiredArgsConstructor
@Tag(name = "用户认证", description = "用户认证相关接口")
public class AuthController {

    private final AuthService authService;

    /**
     * 用户登录
     */
    @PostMapping("/login")
    @Operation(summary = "用户登录")
    public Result<LoginVO> login(@RequestBody LoginDTO loginDTO) {
        return Result.success(authService.login(loginDTO));
    }

    /**
     * 用户登出
     */
    @PostMapping("/logout")
    @Operation(summary = "用户登出")
    public Result<Boolean> logout(@Parameter(description = "token") @RequestHeader("Authorization") String token) {
        return Result.success(authService.logout(token));
    }

    /**
     * 刷新token
     */
    @PostMapping("/refresh")
    @Operation(summary = "刷新token")
    public Result<LoginVO> refresh(@Parameter(description = "refresh token") @RequestHeader("X-Refresh-Token") String refreshToken) {
        return Result.success(authService.refresh(refreshToken));
    }

    /**
     * 获取当前用户信息
     */
    @GetMapping("/profile")
    @Operation(summary = "获取当前用户信息")
    @PreAuthorize("hasAuthority('user:view')")
    public Result<UserVO> getProfile(@Parameter(description = "用户ID") @RequestParam Long userId) {
        return Result.success(authService.getUserProfile(userId));
    }

    /**
     * 更新用户信息
     */
    @PutMapping("/profile")
    @Operation(summary = "更新用户信息")
    @PreAuthorize("hasAuthority('user:update')")
    public Result<Boolean> updateProfile(@RequestBody UserDTO userDTO) {
        return Result.success(authService.updateUserProfile(userDTO));
    }

    /**
     * 修改密码
     */
    @PutMapping("/password")
    @Operation(summary = "修改密码")
    @PreAuthorize("hasAuthority('user:update')")
    public Result<Boolean> changePassword(
            @Parameter(description = "用户ID") @RequestParam Long userId,
            @Parameter(description = "旧密码") @RequestParam String oldPassword,
            @Parameter(description = "新密码") @RequestParam String newPassword) {
        return Result.success(authService.changePassword(userId, oldPassword, newPassword));
    }

    /**
     * 获取用户权限
     */
    @GetMapping("/permissions")
    @Operation(summary = "获取用户权限")
    @PreAuthorize("hasAuthority('user:view')")
    public Result<List<String>> getUserPermissions(@Parameter(description = "用户ID") @RequestParam Long userId) {
        return Result.success(authService.getUserPermissions(userId));
    }

    /**
     * 获取用户菜单
     */
    @GetMapping("/menus")
    @Operation(summary = "获取用户菜单")
    @PreAuthorize("hasAuthority('user:view')")
    public Result<List<MenuVO>> getUserMenus(@Parameter(description = "用户ID") @RequestParam Long userId) {
        return Result.success(authService.getUserMenus(userId));
    }
}